Primary Objectives
- Ensure consistent and effective implementation of Technology Risk Management in line with MAS TRM Guidelines and Head Office (HO) IT Risk policies.
- Sustain a robust, audit‑ready IT control environment through disciplined governance, comprehensive documentation, and sound security operations.
- Execute cybersecurity initiatives, vendor governance activities, and regulatory compliance obligations for the branch.
Key Responsibilities
- Manage and operate the Branch IT Risk Framework, including the Risk Register, outsourcing due diligence (DD), Technology Committee materials, Critical System Assessments, and Business Continuity Planning (BCP). Emphasis is placed on accurate execution, structured processes, and thorough documentation to support hands‑on experience in regulatory IT risk management within a banking context.
- Conduct timely assessments and gap analyses against MAS Notices, Guidelines, and Circulars, and track remediation progress.
- Collaborate with HO IT Risk Management and Cyber Security teams to carry out risk assessments and cyber exercises aligned with MAS TRM, NIST CSF, and SWIFT CSP standards.
- Support cybersecurity awareness initiatives and facilitate management‑level tabletop exercises.
- Maintain IT policies, procedures, and audit‑ready documentation.
- Monitor IT security controls, including patch management, vulnerability advisories, access controls, and segregation of duties.
- Oversee vendor governance in accordance with MAS Outsourcing Guidelines, including SLA monitoring and contract renewals.
- Review and validate IT risk and control assessments (including DD outputs) from both IT vendors and non‑IT business function vendors.
- Provide support for internal and external audits, regulatory reviews, and management reporting.
Competencies
- Strong knowledge of regulatory IT risk and security frameworks such as MAS TRM, NIST CSF, SWIFT CSP, OSPAR, SOC 2, and ISO 27001.
- Demonstrated ability to execute governance processes in a structured, accurate, and detail‑oriented manner.
- Excellent documentation and evidence management skills to support compliance with MAS requirements, SWIFT CSP, and internal policies, including producing clear, defensible audit and regulatory records.
- Effective coordination and communication skills for engagement with HO teams, auditors, regulators, and internal stakeholders.
Requirements
- Diploma or degree in an IT‑related discipline.
- Business‑level English proficiency is mandatory; Japanese proficiency (JLPT N1-N2) is advantageous, particularly for interaction with Japan Head Office.
- At least 1-3 years of experience in IT Risk, IT Audit, or Cybersecurity Governance within banking or another regulated industry.
- Strong foundational technical knowledge (e.g., networks, operating systems, access controls) and familiarity with recognized control frameworks (MAS TRM, NIST CSF, OSPAR, SOC 2, ISO 27001).
- Ability to operate effectively in a structured, compliance‑driven IT environment, with strong documentation and coordination capabilities.
JaspreetKaur Sran (R22109724)
JAC Recruitment Pte. Ltd. (90C3026)